Welcome!

Linux Authors: Pat Romanski, Elizabeth White, Trevor Parsons, John Savageau, Carmen Gonzalez

Related Topics: Linux

Linux: Article

Defend I.T.

Tap the best computer-security practices and industry standards to deter attacks and better defend networks

The battle between IT professionals and those who use the Internet for destructive purposes is raging - and there's no end in sight. Reports of computer crime and incidents from the CERT Coordination Center at Carnegie Mellon University more than double each year and are expected to rise. Meanwhile, viruses and worms continue to take down organizations for days. In the following interview, I had the opportunity to talk with cyber security experts Ajay Gupta and Scott Laliberte about their latest book, Defend I.T.: Security by Example (Addison-Wesley, 0-321-19767-4). We discussed who is winning the cyber-security war and what some of the most overlooked security measures are. Read on for the rest of the story.

Tell me about your book.
Defend I.T. is a collection of case studies from our experiences in the field. These case studies are representative of the vast array of security consulting engagements we see in the computer security, forensics, and data privacy arena.

How is this book different from the vast majority of security books that are currently on the market?
It consists entirely of case studies, which is different. Topics range from war dialing, wireless security, computer viruses, computer forensics, HIPAA assessment, and social engineering. People tend to relate better and comprehend more when issues are presented as real-life examples.

Why did you write this book?
When writing Hack I.T., the single most consistent recommendation from our reviewers was for more case studies. We thought of writing a book strictly on case studies, and providing the entire view: what was in place before, the issue at hand, what was done in response, and what may have been done differently to avoid the situation.

Information security is a challenging area. Organizations face security issues every day, but due to the need for confidentiality around these issues they're reluctant to share lessons learned with their peers and other organizations. This book fills a need. We are providing the lessons learned in an anonymous fashion so readerscan benefit from our experience as well as the experience of other organizations.

How is it most relevant to the security community and/or Linux community?
Defend I.T. attempts to illustrate the breadth and scope of knowledge a security consultant should have - covering both the technical and soft skills necessary to be successful in the field.

As we stated earlier the book provides perspective and advice on real-life security issues many organizations are struggling with. Whether the OS is Linux or Windows-based, the issues are similar. The cases cover many OSs and issues your readers would be dealing with.

How can this book help my business/why should I buy it?
It allows businesses to learn from the mistakes - and successes - of other organizations' responses to (commonly occurring) security incidents.

It's apparent that security "incidents" are occurring all the time. Each day you can see a new headline highlighting the latest incident that has occurred. The CERT Coordination Center reported that for the year 2003 there were 138,000 incidents, a 68% increase in the number of incidents reported in 2002 (82,000 incidents) and over six times the 21,000 incidents reported in 2000.

Who has the upper hand these days, hackers or IT professionals? Who is winning the war?
That's a difficult question to answer. Awareness is going up and more organizations are starting to spend money to improve security. Often we're seeing organizations throwing money and software products at security problems without having the strategy, procedures, or expertise to properly and effectively use them. The security community has come a long way, but so have the attackers. The attacks are constantly evolving and respond to each improvement in security. It's too early to tell who's winning.

What are some of the most overlooked security measures?
Strategy and procedures - organizations throw money and security products at security problems without the proper planning or the expertise to best leverage their investment. Also, password strength (or the lack of strength in their passwords) continues to be overlooked.

Companies are getting better at updating their antivirus software and running virus scans on a daily basis; however, given the increasing frequency and severity of viruses, worms, Trojans, spyware, and malicious code, this is an area that demands constant vigilance. Related to this point, most companies allow HMTL-enabled e-mails onto their e-mail servers. Malicious code is often coded right into the HTML and simply opening the e-mail can execute and launch a virus. Firms may want to look at going to text-only e-mails for added security.

About Ajay Gupta and Scott Laliberte
Ajay Gupta, CISSP, founder, and president of Gsecurity, is an expert on cyber security, secure architecture, and information privacy. Gsecurity provides cyber security and data privacy services to federal, state, and local governments, as well as commercial clients in the educational, financial, and health-care sectors.

Scott Laliberte is one of the leaders of Protiviti's Global Information Security Practice. He has extensive experience in the areas of information systems security, network operations, incident response, and eCommerce.

Ajay and Scott are also coauthors of Hack I.T. - Security Through Penetration Testing (Addison-Wesley, 0-201-71956-8)

More Stories By Ibrahim Haddad

Ibrahim Haddad is a member of the management team at The Linux Foundation responsible for technical, legal and compliance projects and initiatives. Prior to that, he ran the Open Source Office at Palm, the Open Source Technology Group at Motorola, and Global Telecommunications Initiatives at The Open Source Development Labs. Ibrahim started his career as a member of the research team at Ericsson Research focusing on advanced research for system architecture of 3G wireless IP networks and on the adoption of open source software in telecom. Ibrahim graduated from Concordia University (Montréal, Canada) with a Ph.D. in Computer Science. He is a Contributing Editor to the Linux Journal. Ibrahim is fluent in Arabic, English and French. He can be reached via http://www.IbrahimHaddad.com.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@ThingsExpo Stories
Things are being built upon cloud foundations to transform organizations. This CEO Power Panel at 15th Cloud Expo, moderated by Roger Strukhoff, Cloud Expo and @ThingsExpo conference chair, addressed the big issues involving these technologies and, more important, the results they will achieve. Rodney Rogers, chairman and CEO of Virtustream; Brendan O'Brien, co-founder of Aria Systems, Bart Copeland, president and CEO of ActiveState Software; Jim Cowie, chief scientist at Dyn; Dave Wagstaff, VP and chief architect at BSQUARE Corporation; Seth Proctor, CTO of NuoDB, Inc.; and Andris Gailitis, C...
The Internet of Things is tied together with a thin strand that is known as time. Coincidentally, at the core of nearly all data analytics is a timestamp. When working with time series data there are a few core principles that everyone should consider, especially across datasets where time is the common boundary. In his session at Internet of @ThingsExpo, Jim Scott, Director of Enterprise Strategy & Architecture at MapR Technologies, discussed single-value, geo-spatial, and log time series data. By focusing on enterprise applications and the data center, he will use OpenTSDB as an example t...
Scott Jenson leads a project called The Physical Web within the Chrome team at Google. Project members are working to take the scalability and openness of the web and use it to talk to the exponentially exploding range of smart devices. Nearly every company today working on the IoT comes up with the same basic solution: use my server and you'll be fine. But if we really believe there will be trillions of these devices, that just can't scale. We need a system that is open a scalable and by using the URL as a basic building block, we open this up and get the same resilience that the web enjoys.
Code Halos - aka "digital fingerprints" - are the key organizing principle to understand a) how dumb things become smart and b) how to monetize this dynamic. In his session at @ThingsExpo, Robert Brown, AVP, Center for the Future of Work at Cognizant Technology Solutions, outlined research, analysis and recommendations from his recently published book on this phenomena on the way leading edge organizations like GE and Disney are unlocking the Internet of Things opportunity and what steps your organization should be taking to position itself for the next platform of digital competition.
SYS-CON Media announced that Splunk, a provider of the leading software platform for real-time Operational Intelligence, has launched an ad campaign on Big Data Journal. Splunk software and cloud services enable organizations to search, monitor, analyze and visualize machine-generated big data coming from websites, applications, servers, networks, sensors and mobile devices. The ads focus on delivering ROI - how improved uptime delivered $6M in annual ROI, improving customer operations by mining large volumes of unstructured data, and how data tracking delivers uptime when it matters most.
In their session at @ThingsExpo, Shyam Varan Nath, Principal Architect at GE, and Ibrahim Gokcen, who leads GE's advanced IoT analytics, focused on the Internet of Things / Industrial Internet and how to make it operational for business end-users. Learn about the challenges posed by machine and sensor data and how to marry it with enterprise data. They also discussed the tips and tricks to provide the Industrial Internet as an end-user consumable service using Big Data Analytics and Industrial Cloud.
How do APIs and IoT relate? The answer is not as simple as merely adding an API on top of a dumb device, but rather about understanding the architectural patterns for implementing an IoT fabric. There are typically two or three trends: Exposing the device to a management framework Exposing that management framework to a business centric logic Exposing that business layer and data to end users. This last trend is the IoT stack, which involves a new shift in the separation of what stuff happens, where data lives and where the interface lies. For instance, it's a mix of architectural styles ...
Almost everyone sees the potential of Internet of Things but how can businesses truly unlock that potential. The key will be in the ability to discover business insight in the midst of an ocean of Big Data generated from billions of embedded devices via Systems of Discover. Businesses will also need to ensure that they can sustain that insight by leveraging the cloud for global reach, scale and elasticity.
The Industrial Internet revolution is now underway, enabled by connected machines and billions of devices that communicate and collaborate. The massive amounts of Big Data requiring real-time analysis is flooding legacy IT systems and giving way to cloud environments that can handle the unpredictable workloads. Yet many barriers remain until we can fully realize the opportunities and benefits from the convergence of machines and devices with Big Data and the cloud, including interoperability, data security and privacy.
The Internet of Things (IoT) promises to evolve the way the world does business; however, understanding how to apply it to your company can be a mystery. Most people struggle with understanding the potential business uses or tend to get caught up in the technology, resulting in solutions that fail to meet even minimum business goals. In his session at @ThingsExpo, Jesse Shiah, CEO / President / Co-Founder of AgilePoint Inc., showed what is needed to leverage the IoT to transform your business. He discussed opportunities and challenges ahead for the IoT from a market and technical point of vie...
IoT is still a vague buzzword for many people. In his session at @ThingsExpo, Mike Kavis, Vice President & Principal Cloud Architect at Cloud Technology Partners, discussed the business value of IoT that goes far beyond the general public's perception that IoT is all about wearables and home consumer services. He also discussed how IoT is perceived by investors and how venture capitalist access this space. Other topics discussed were barriers to success, what is new, what is old, and what the future may hold. Mike Kavis is Vice President & Principal Cloud Architect at Cloud Technology Pa...
Dale Kim is the Director of Industry Solutions at MapR. His background includes a variety of technical and management roles at information technology companies. While his experience includes work with relational databases, much of his career pertains to non-relational data in the areas of search, content management, and NoSQL, and includes senior roles in technical marketing, sales engineering, and support engineering. Dale holds an MBA from Santa Clara University, and a BA in Computer Science from the University of California, Berkeley.
The Internet of Things (IoT) is rapidly in the process of breaking from its heretofore relatively obscure enterprise applications (such as plant floor control and supply chain management) and going mainstream into the consumer space. More and more creative folks are interconnecting everyday products such as household items, mobile devices, appliances and cars, and unleashing new and imaginative scenarios. We are seeing a lot of excitement around applications in home automation, personal fitness, and in-car entertainment and this excitement will bleed into other areas. On the commercial side, m...
"People are a lot more knowledgeable about APIs now. There are two types of people who work with APIs - IT people who want to use APIs for something internal and the product managers who want to do something outside APIs for people to connect to them," explained Roberto Medrano, Executive Vice President at SOA Software, in this SYS-CON.tv interview at Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
An entirely new security model is needed for the Internet of Things, or is it? Can we save some old and tested controls for this new and different environment? In his session at @ThingsExpo, New York's at the Javits Center, Davi Ottenheimer, EMC Senior Director of Trust, reviewed hands-on lessons with IoT devices and reveal a new risk balance you might not expect. Davi Ottenheimer, EMC Senior Director of Trust, has more than nineteen years' experience managing global security operations and assessments, including a decade of leading incident response and digital forensics. He is co-author of t...
Performance is the intersection of power, agility, control, and choice. If you value performance, and more specifically consistent performance, you need to look beyond simple virtualized compute. Many factors need to be considered to create a truly performant environment. In his General Session at 15th Cloud Expo, Harold Hannon, Sr. Software Architect at SoftLayer, discussed how to take advantage of a multitude of compute options and platform features to make cloud the cornerstone of your online presence.
DevOps Summit 2015 New York, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that it is now accepting Keynote Proposals. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete at launch. DevOps may be disruptive, but it is essential.
The Internet of Things will greatly expand the opportunities for data collection and new business models driven off of that data. In her session at @ThingsExpo, Esmeralda Swartz, CMO of MetraTech, discussed how for this to be effective you not only need to have infrastructure and operational models capable of utilizing this new phenomenon, but increasingly service providers will need to convince a skeptical public to participate. Get ready to show them the money!
The 3rd International Internet of @ThingsExpo, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that its Call for Papers is now open. The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than 20 years ago.
The 3rd International Internet of @ThingsExpo, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that its Call for Papers is now open. The Internet of Things (IoT) is the biggest idea since the creation of the Worldwide Web more than 20 years ago.